Changes to 034
The telnet server and client have been removed and replaced with dropbear,
which is a SSH server and client. This SSH server is also capable of
both client and server TCP port forwarding. This allows for floppy users
to open this server to Internet access and still have security with
encryption, along with SSH tunnels to the local network.
Two new options, one to disable root logins with the FTP server and the
other to disable root logins with SSH.
The local ban can now also be a local allow. This allows a user to ban
there entire local subnet and then allow just the IP addresses that they
want to give access to the Internet. This still allows all local users
access to FREESCO and any servers running. The banlist.cfg has been replaced
with restrict.cfg to clarify the ban/allow changes and in the file format
along with some minor changes to the control panel. ALL of the ban/allow
commands can be time based rules with the addition of a start and stop time.
This time format is based on hours and minutes of the day where the range is
from 000 to 2359 and also includes an optional day format, so that rules can
be day of the week oriented as well.
A new DHCP server mode. You can now set the DHCP server in "s" server mode.
Previously in 033 this was done automatically if there was only one network
card installed. Now this mode can be used on multiple interfaces. What this
mode does is if FREESCO is NOT your ISP connection, then it can still act as
a local DHCP server. Added some new checks in the rc_dhcpd to prevent the
server from running on the external interface when it shouldn't.
A new shutdown sound if diagnostic beeps are enabled in the advanced setup.
This enables a user without a monitor to know when the machine is completely
shut down.
A new read only disk option. This option can move a hard drive install
to a ram drive the same as previously available with floppy installs.
The only restriction is that the hard drive install including packages
is small enough to fit into the ram drive excluding the kernel and
ram disk size. This means that the system will run entirely in ram with
absolutely no disk activity and it will be impervious to power failures
or improper shut downs which cause disk corruption as well as absolutely
no disk activity when FREESCO is running.
A new SMTP client that can email logs to a specific recipient rather than
deleting them when the size limit is reached, as well as the ability to
email the external IP address at each connection time or any time it changes
and the ability to email a report.txt. This makes managing a remote system
possible as well as easily monitoring it's status.
A new feature to save logs to root's home directory when FREESCO is
installed on a hard drive, along with being able to remove logs older than
the number of days that you specify with a special command that can be
included into a crond job.
A new option in the setup to add additional ports to stealth. With this
feature it is possible to completely stealth your router as long as all other
security settings are also set in secure mode. Additional firewall rules to
stealth server service ports when set in secure mode.
All default configuration files are now hard coded into the ram disk. This
means that if a configuration file becomes corrupt or if anyone makes
changes that cause the file not to function. All that is required is to
delete the file from the /boot/etc directory and reboot the router. The
original will be in the /etc/ directory unmodified. This applies to all
original files in the /etc directory.
Two new ram disk sizes, 8MB and 16MB ram disks can now be installed.
Previously only 2MB and 4MB ram disks would install. The 2MB ram disk has
been removed with these two new additions along with only installing one
ram disk rather than two. Previously ram disk #1 was almost never used by
the system other than for /tmp directory space. This change has also raised
the minimum memory requirement to 20MB before a ram disk will install. Also
a new option to restrict the maximum ram disk size to just one 4MB ram disk
regardless of the system memory detected is available.
Changed the rc_dhcpd to remove dynamic DHCP leases any time a static DHCP
lease is added with the same MAC address.
More floppy formats are now supported 1440,1680,1722,1743,1760,1840,1920,
2880
More hard disk partitions are now supported by default hda,hdb,hdc,hdd,sda,
sdb,sdc,sdd with partitions from 1 through 7
034 will now mount from any device and file system that is supported by the
kernel. A DOS file system is still required for the mv2hd command. But other
formats can be used with a custom installation, such as ext2 which can be
used with the add on ext2-0.3.4-lewis package which will install on ANY
running (Internet connected) 0.3.4 floppy.
Changed the /etc/rc file so that non standard floppy formats will respond
the same as a standard 1.44 floppy. Also floppy drives that are not on the
first device "fd0". This means that when booted from fd1 or fd0u1680
FREESCO will still respond correctly.
Changed the rc_eth file to ignore incorrect gateway settings when entered
statically or through DHCP from a mis configured ISP DHCP server.
Enabled the DHCP client logging in the setup and system.cfg file which had
not been enabled in previous versions of the 03x series. Repaired the colors
in the setup which has been a bug since FREESCO was first released (All
previous versions), so that yellow is really yellow. Added emailing a
report.txt directly from setup.
Changed back to the 2.0.39 kernel to resolve the PPP problems in 033. This
also means that all packages for the 03x series will run as well as the
modules-03x.zip can be used for network drivers and all of the 032 kernels.
If anyone is currently using a DX based processor there is a kernel.dx
included in the zip file that can be copied to the floppy and the only
difference will be that you will have a 20K increase in free disk space.
Both new 034 kernels are also PCI optimized so 034 should perform better on
PCI based systems.
Changed the password file for the root user to now have a home directory of
/home/root, rather than just using / as the home directory. This change
was required for the SSH client to retain any public key files as well as
improvement for other applications that use root's home directory for
specific user settings. This is also the storage location of log files if
that option is enabled.
Upgraded dnsmasq to version 1.17 which fixes a significant number of bugs
from 1.14, along with increasing the default cache size to 600
Upgraded dhcpd to version 2.0pl6 from b1.18 which fixes a number of old
issues along with a security patch.
Upgraded the dhcpcd client daemon to version 1.3.22pl4. Thanks to Dingetje
for help with compiling it.
Upgraded pure-ftpd from version 1.0.12 to 1.0.20
Upgraded thttpd from 2.05 to 2.25b.
Added user home web directories which can be enabled and accessed at
http://your.router/~UserName. Removed /home directories for RAS
(dial in) clients.
Added bandwidth control for the web server. Which means if you want you can
restrict the web server so that it can never use more than the amount of
bandwidth that you choose in Bytes per second.
Added options to the firewall setup so that all of the helper modules can be
selected independently of each other. In all previous versions of FREESCO
all of the modules were loaded automatically. But as each module decreases
security it is now an option to only load the ones you really need.
Added a firewall rule to prevent external "smurf" attacks as well as external
IP spoofing.
Recompiled the pptp binary with better optimization flags to improve it's
size.
One minor text color fix to the a: command as well as being able to mount
any fd1 or special floppy formats with the addition of the device name after
the a: command. Such as in "a: fd1" or "a: fd0u1680"
Changed the cp-rf command so that it can now copy files and directories with
spaces in the names.
Changed the rc_dns so that special static DHCP leases will be incorporated
into the /etc/hosts file correctly for DNS resolution. There has also been a
change so that the DNS server will always resolve the same IP for it's own
name. This resolves the problem of separate subnets that are not trusted to
always get the correct IP address for the router as well as any dyndns
clients that may be installed.
Up to four different ISP DNS servers can be defined either statically or
dynamically from the DHCP client or through the PPP client. These can either
be used by the local caching DNS server or parsed to the clients with the
DHCP server if the caching DNS server is disabled.
Increased the ram0 to 3Mb formated rather than 3Mb unformatted. This
increase still allows FREESCO to run on 8MB of ram.
The dynamic DNS client now supports DynDNS, ZoneEdit, and DHS service
providers.
Moved the /boot/rc directory into the ram disk. This provides a much faster
boot for the floppy as well as providing a HUGE gain in disk space which was
required for the above improvements and changes. This change will affect all
lprng and Apache users, however it can be worked around, Dingetje has stated
he would repackage them both for compatibility with this version and anyone
using an older version of these packages can simply copy the /rc/rc_lpd and
/rc/rc_httpd to the /pkg/rc directory after the package is installed or
before an upgrade to this version is attempted. ANY built in /rc/rc_? file
that a user wants to modify, excluding the rc_user file which is still
available for editing can be copied to the /pkg/rc/ directory and then
modified. All files in /pkg/rc/ will over ride any default rc_? file in the
/rc/ directory.
Moved the control panel /boot/wwa directory into the ram disk. This change
is primarily for a 20K gain in disk space, but it also increases control
panel access times and helps prevent unnecessary disk activity. Also some
new functions in the control panel to email a report, netinfo, or the
current logs.
Changed the initial boot up parameters so that a mv2hd can be done before any
type of configuration has been made and the system will still recognize that
it has never been setup and go into the setup mode on the hard drive. This
change is/was not required for this version, but for those with less than
dependable floppy drives it may be needed. It may may also be useful in
future versions where space constraints are possibly to high in some
configurations.
Currently 50K free on the floppy.